Merge branch '1988' into 'v2.0'

Append an authentication level option for each URI (#1988)

See merge request lemonldap-ng/lemonldap-ng!101
Christophe Maudoux 2019-10-30 20:40:21 +01:00
commit 0182b793a4
33 changed files with 321 additions and 54 deletions


@ -1,4 +1,4 @@
.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35) .\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
.\" .\"
.\" Standard preamble: .\" Standard preamble:
.\" ======================================================================== .\" ========================================================================
@ -54,20 +54,16 @@
.\" Avoid warning from groff about undefined register 'F'. .\" Avoid warning from groff about undefined register 'F'.
.de IX .de IX
.. ..
.nr rF 0 .if !\nF .nr F 0
.if \n(.g .if rF .nr rF 1 .if \nF>0 \{\
.if (\n(rF:(\n(.g==0)) \{\ . de IX
. if \nF \{\ . tm Index:\\$1\t\\n%\t"\\$2"
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
.. ..
. if !\nF==2 \{\ . if !\nF==2 \{\
. nr % 0 . nr % 0
. nr F 2 . nr F 2
. \}
. \} . \}
.\} .\}
.rr rF
.\" .\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts. .\" Fear. Run. Save yourself. No user-serviceable parts.
@ -133,7 +129,7 @@
.\" ======================================================================== .\" ========================================================================
.\" .\"
.IX Title "llng-fastcgi-server 8" .IX Title "llng-fastcgi-server 8"
.TH llng-fastcgi-server 8 "2019-09-24" "perl v5.28.1" "User Contributed Perl Documentation" .TH llng-fastcgi-server 8 "2019-10-30" "perl v5.26.1" "User Contributed Perl Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents. .\" way too many mistakes in technical documents.
.if n .ad l .if n .ad l


@ -195,9 +195,11 @@ sub virtualHosts {
type => 'keyText', type => 'keyText',
}; };
# If rule contains a comment, split it # If rule contains a comment or an AuthLevel, split them
if ( $query eq 'locationRules' ) { if ( $query eq 'locationRules' ) {
$res->{comment} = ''; $res->{comment} = '';
$res->{level} = '';
$res->{level} = $1 if ( $r =~ s/\(\?#AuthnLevel=(-?\d+)\)// );
if ( $r =~ s/\(\?#(.*?)\)// ) { if ( $r =~ s/\(\?#(.*?)\)// ) {
$res->{title} = $res->{comment} = $1; $res->{title} = $res->{comment} = $1;
} }


@ -281,6 +281,7 @@ sub locationRulesInit {
$class->tsv->{locationProtection}->{$vhost} = []; $class->tsv->{locationProtection}->{$vhost} = [];
$class->tsv->{locationRegexp}->{$vhost} = []; $class->tsv->{locationRegexp}->{$vhost} = [];
$class->tsv->{locationConditionText}->{$vhost} = []; $class->tsv->{locationConditionText}->{$vhost} = [];
$class->tsv->{locationAuthnLevel}->{$vhost} = [];
foreach my $url ( sort keys %{$rules} ) { foreach my $url ( sort keys %{$rules} ) {
my ( $cond, $prot ) = $class->conditionSub( $rules->{$url} ); my ( $cond, $prot ) = $class->conditionSub( $rules->{$url} );
@ -300,10 +301,14 @@ sub locationRulesInit {
push @{ $class->tsv->{locationCondition}->{$vhost} }, $cond; push @{ $class->tsv->{locationCondition}->{$vhost} }, $cond;
push @{ $class->tsv->{locationProtection}->{$vhost} }, $prot; push @{ $class->tsv->{locationProtection}->{$vhost} }, $prot;
push @{ $class->tsv->{locationRegexp}->{$vhost} }, qr/$url/; push @{ $class->tsv->{locationRegexp}->{$vhost} }, qr/$url/;
push @{ $class->tsv->{locationAuthnLevel}->{$vhost} },
$url =~ /\(\?#AuthnLevel=(-?\d+)\)/
? $1
: undef;
push @{ $class->tsv->{locationConditionText}->{$vhost} }, push @{ $class->tsv->{locationConditionText}->{$vhost} },
$url =~ /^\(\?#(.*?)\)/ ? $1 $url =~ /^\(\?#(.*?)\)/ ? $1
: $url =~ /^(.*?)##(.+)$/ ? $2 : $url =~ /^(.*?)##(.+)$/ ? $2
: $url; : $url;
$class->tsv->{locationCount}->{$vhost}++; $class->tsv->{locationCount}->{$vhost}++;
} }
} }
@ -451,6 +456,7 @@ sub postUrlInit {
# @return array (ref(sub), int) # @return array (ref(sub), int)
sub conditionSub { sub conditionSub {
my ( $class, $cond ) = @_; my ( $class, $cond ) = @_;
$cond =~ s/\(\?#(\d+)\)$//;
my ( $OK, $NOK ) = ( sub { 1 }, sub { 0 } ); my ( $OK, $NOK ) = ( sub { 1 }, sub { 0 } );
# Simple cases : accept and deny # Simple cases : accept and deny
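Review bot: The substitution added at the top of `conditionSub`, `$cond =~ s/\(\?#(\d+)\)$//;`, only strips a trailing `(?#<digits>)`, which is not the `(?#AuthnLevel=N)` marker that `locationRulesInit` parses a few lines above. It is also applied to the rule value, whereas the marker is read from the rule key (`$url`), so as far as this hunk shows it never matches anything the feature writes. If it is a leftover from an earlier format, remove it; if rule values can really carry a level, align it with the key format, e.g. `$cond =~ s/\(\?#AuthnLevel=-?\d+\)$//;`, and add a comment saying where such values come from. The body of `conditionSub` continues outside this hunk.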


@ -267,10 +267,31 @@ sub checkMaintenanceMode {
# @return True if the user is granted to access to the current URL # @return True if the user is granted to access to the current URL
sub grant { sub grant {
my ( $class, $req, $session, $uri, $cond, $vhost ) = @_; my ( $class, $req, $session, $uri, $cond, $vhost ) = @_;
my $level;
return $cond->( $req, $session ) if ($cond); return $cond->( $req, $session ) if ($cond);
$vhost ||= $class->resolveAlias($req); $vhost ||= $class->resolveAlias($req);
if ( my $level = $class->tsv->{authnLevel}->{$vhost} ) {
# Using URL authentification level if exists
for (
my $i = 0 ;
$i < ( $class->tsv->{locationCount}->{$vhost} || 0 ) ;
$i++
)
{
if ( $uri =~ $class->tsv->{locationRegexp}->{$vhost}->[$i] ) {
$level = $class->tsv->{locationAuthnLevel}->{$vhost}->[$i];
last;
}
}
$level
? $class->logger->debug(
'Found AuthnLevel=' . $level . ' for "' . "$vhost$uri" . '"' )
: $class->logger->debug("No URL authentication level found...");
# Using VH authentification level if exists
if ( $level ||= $class->tsv->{authnLevel}->{$vhost} ) {
if ( $session->{authenticationLevel} < $level ) { if ( $session->{authenticationLevel} < $level ) {
$class->logger->debug( $class->logger->debug(
"User authentication level = $session->{authenticationLevel}"); "User authentication level = $session->{authenticationLevel}");
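Review bot: In `grant`, both the `$level ? … : …` debug branch and `$level ||= $class->tsv->{authnLevel}->{$vhost}` test truthiness, so a rule marked `AuthnLevel=0` is treated as having no level and falls back to the vhost level, while a negative value (accepted by the `-?\d+` pattern in `locationRulesInit`) does override it. Testing definedness makes the precedence explicit: `$level = $class->tsv->{authnLevel}->{$vhost} unless defined $level;` followed by `if ($level) {`. It is also worth a comment stating that a per-URL level is allowed to be lower than the vhost level, since the test configuration for test2.example.com relaxes a vhost requirement of 5 to 1 on `/AuthWeak`; administrators should know that a rule marker can weaken the vhost setting. The body of `grant` continues outside this hunk.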


@ -10,6 +10,7 @@ init('Lemonldap::NG::Handler::PSGI');
my $res; my $res;
# Unauthentified query # Unauthentified query
# --------------------
ok( $res = $client->_get('/'), 'Unauthentified query' ); ok( $res = $client->_get('/'), 'Unauthentified query' );
ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' ); ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' );
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
@ -24,26 +25,47 @@ ok(
'Location => http://auth.example.com/?url=' 'Location => http://auth.example.com/?url='
. encode_base64( 'http://test1.example.com/', '' ) . encode_base64( 'http://test1.example.com/', '' )
); );
count(4); count(4);
# Authentified queries # Authentified queries
# -------------------- # --------------------
# Authorized query # Authorized query
ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ), ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ),
'Authentified query' ); 'Authentified query' );
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 ); ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
count(2); count(2);
# Denied query # Denied query
ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ), ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ),
'Denied query' ); 'Denied query' );
ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 ); ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 );
count(2); count(2);
# Required AuthnLevel = 1
ok( $res = $client->_get( '/AuthWeak', undef, undef, "lemonldap=$sessionId" ),
'Weak Authentified query' );
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
count(2);
# Required AuthnLevel = 5
ok(
$res = $client->_get( '/AuthStrong', undef, undef, "lemonldap=$sessionId" ),
'Strong Authentified query'
);
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
%h = @{ $res->[1] };
ok(
$h{Location} eq 'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test1.example.com/AuthStrong', '' ),
'Redirection points to http://test1.example.com/AuthStrong'
)
or explain(
\%h,
'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test1.example.com/AuthStrong', '' )
);
count(3);
# Bad cookie # Bad cookie
ok( ok(
$res = $client->_get( $res = $client->_get(
@ -58,9 +80,38 @@ ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
unlink( unlink(
't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock' 't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock'
); );
count(2); count(2);
# Required AuthnLevel = 1
ok(
$res = $client->_get(
'/AuthWeak', undef, 'test2.example.com', "lemonldap=$sessionId"
),
'Weak Authentified query'
);
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
count(2);
# Required AuthnLevel = 5
ok(
$res =
$client->_get( '/', undef, 'test2.example.com', "lemonldap=$sessionId" ),
'Default Authentified query'
);
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
%h = @{ $res->[1] };
ok(
$h{Location} eq 'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test2.example.com/', '' ),
'Redirection points to http://test2.example.com/'
)
or explain(
\%h,
'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test2.example.com/', '' )
);
count(3);
done_testing( count() ); done_testing( count() );
clean(); clean();
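Review bot: The added cases only exercise required levels 1 and 5; nothing covers a rule marked `AuthnLevel=0`, a negative level, or a session whose level equals the required one, although the handler pattern accepts `-?\d+` and the comparison uses `<`. A rule such as `"^/AuthZero(?#AuthnLevel=0)": "accept"` (constructed name) under test2.example.com, with an assertion on the resulting status, would pin how a URL level interacts with `vhostAuthnLevel`. The same gap applies to the two other handler test files changed below. `%h` is assigned without `my`, so it is presumably declared earlier in the file, outside the hunks shown.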


@ -9,6 +9,7 @@ init('Lemonldap::NG::Handler::Server');
my $res; my $res;
# Unauthentified query # Unauthentified query
# --------------------
ok( $res = $client->_get('/'), 'Unauthentified query' ); ok( $res = $client->_get('/'), 'Unauthentified query' );
ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' ); ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' );
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
@ -23,17 +24,14 @@ ok(
'Location => http://auth.example.com/?url=' 'Location => http://auth.example.com/?url='
. encode_base64( 'http://test1.example.com/', '' ) . encode_base64( 'http://test1.example.com/', '' )
); );
count(4); count(4);
# Authentified queries # Authentified queries
# -------------------- # --------------------
# Authorized query # Authorized query
ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ), ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ),
'Authentified query' ); 'Authentified query' );
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 ); ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
count(2); count(2);
# Check headers # Check headers
@ -46,9 +44,33 @@ count(1);
ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ), ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ),
'Denied query' ); 'Denied query' );
ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 ); ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 );
count(2); count(2);
# Required AuthnLevel = 1
ok( $res = $client->_get( '/AuthWeak', undef, undef, "lemonldap=$sessionId" ),
'Weak Authentified query' );
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
count(2);
# Required AuthnLevel = 5
ok(
$res = $client->_get( '/AuthStrong', undef, undef, "lemonldap=$sessionId" ),
'Strong Authentified query'
);
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
%h = @{ $res->[1] };
ok(
$h{Location} eq 'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test1.example.com/AuthStrong', '' ),
'Redirection points to http://test1.example.com/AuthStrong'
)
or explain(
\%h,
'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test1.example.com/AuthStrong', '' )
);
count(3);
# Bad cookie # Bad cookie
ok( ok(
$res = $client->_get( $res = $client->_get(
@ -63,9 +85,38 @@ ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
unlink( unlink(
't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock' 't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock'
); );
count(2); count(2);
# Required AuthnLevel = 1
ok(
$res = $client->_get(
'/AuthWeak', undef, 'test2.example.com', "lemonldap=$sessionId"
),
'Weak Authentified query'
);
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
count(2);
# Required AuthnLevel = 5
ok(
$res =
$client->_get( '/', undef, 'test2.example.com', "lemonldap=$sessionId" ),
'Default Authentified query'
);
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
%h = @{ $res->[1] };
ok(
$h{Location} eq 'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test2.example.com/', '' ),
'Redirection points to http://test2.example.com/'
)
or explain(
\%h,
'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test2.example.com/', '' )
);
count(3);
done_testing( count() ); done_testing( count() );
clean(); clean();


@ -34,7 +34,6 @@ count(4);
ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ), ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ),
'Authentified query' ); 'Authentified query' );
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 ); ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
count(2); count(2);
# Check headers # Check headers
@ -49,9 +48,33 @@ count(2);
ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ), ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ),
'Denied query' ); 'Denied query' );
ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 ); ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 );
count(2); count(2);
# Required AuthnLevel = 1
ok( $res = $client->_get( '/AuthWeak', undef, undef, "lemonldap=$sessionId" ),
'Weak Authentified query' );
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
count(2);
# Required AuthnLevel = 5
ok(
$res = $client->_get( '/AuthStrong', undef, undef, "lemonldap=$sessionId" ),
'Strong Authentified query'
);
ok( $res->[0] == 401, 'Code is 401' ) or explain( $res, 401 );
%h = @{ $res->[1] };
ok(
$h{Location} eq 'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test1.example.com/AuthStrong', '' ),
'Redirection points to http://test1.example.com/AuthStrong'
)
or explain(
\%h,
'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test1.example.com/AuthStrong', '' )
);
count(3);
# Bad cookie # Bad cookie
ok( ok(
$res = $client->_get( $res = $client->_get(
@ -66,9 +89,38 @@ ok( $res->[0] == 401, 'Code is 401' ) or explain( $res->[0], 401 );
unlink( unlink(
't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock' 't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock'
); );
count(2); count(2);
# Required AuthnLevel = 1
ok(
$res = $client->_get(
'/AuthWeak', undef, 'test2.example.com', "lemonldap=$sessionId"
),
'Weak Authentified query'
);
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
count(2);
# Required AuthnLevel = 5
ok(
$res =
$client->_get( '/', undef, 'test2.example.com', "lemonldap=$sessionId" ),
'Default Authentified query'
);
ok( $res->[0] == 401, 'Code is 401' ) or explain( $res, 401 );
%h = @{ $res->[1] };
ok(
$h{Location} eq 'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test2.example.com/', '' ),
'Redirection points to http://test2.example.com/'
)
or explain(
\%h,
'http://auth.example.com//upgradesession?url='
. encode_base64( 'http://test2.example.com/', '' )
);
count(3);
done_testing( count() ); done_testing( count() );
clean(); clean();


@ -41,11 +41,14 @@
"default": "$uid eq \"dwho\"" "default": "$uid eq \"dwho\""
}, },
"test1.example.com": { "test1.example.com": {
"^/AuthStrong(?#AuthnLevel=5)": "accept",
"^/AuthWeak(?#AuthnLevel=1)": "accept",
"^/logout": "logout_sso", "^/logout": "logout_sso",
"^/deny": "deny", "^/deny": "deny",
"default": "accept" "default": "accept"
}, },
"test2.example.com": { "test2.example.com": {
"^/AuthWeak(?#AuthnLevel=1)": "accept",
"^/logout": "logout_sso", "^/logout": "logout_sso",
"default": "accept" "default": "accept"
}, },
@ -60,5 +63,10 @@
"portal": "http://auth.example.com/", "portal": "http://auth.example.com/",
"reloadUrls": {}, "reloadUrls": {},
"userDB": "Demo", "userDB": "Demo",
"vhostOptions": {
"test2.example.com": {
"vhostAuthnLevel": 5
}
},
"whatToTrace": "_whatToTrace" "whatToTrace": "_whatToTrace"
} }


@ -266,6 +266,7 @@ sub _scanNodes {
$leaf->{comment} $leaf->{comment}
? "(?#$leaf->{comment})$leaf->{re}" ? "(?#$leaf->{comment})$leaf->{re}"
: $leaf->{re}; : $leaf->{re};
$k .= "(?#AuthnLevel=$leaf->{level})" if $leaf->{level};
$self->set( $target, $key, $k, $leaf->{data} ); $self->set( $target, $key, $k, $leaf->{data} );
} }
else { else {
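Review bot: `$leaf->{level}` is interpolated into the rule key without validation, so a value that is not a plain integer (for example `1.5`, or text containing `)`) is stored as `(?#AuthnLevel=…)` but is not matched by the handler's `/\(\?#AuthnLevel=(-?\d+)\)/`. The rule then silently gets no per-URL level, and a stray `)` can leave extra characters in the location regexp. Guard the append with an integer check, `$k .= "(?#AuthnLevel=$leaf->{level})" if defined $leaf->{level} and $leaf->{level} =~ /^-?\d+$/;`, and report a configuration error for any other non-empty value instead of dropping it. The current truthiness test also discards a level of `0`. The surrounding code of `_scanNodes` starts and ends outside this hunk.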


@ -592,6 +592,10 @@ llapp.controller 'TreeCtrl', [
if a.template if a.template
a._nodes = templates a.template, a.title a._nodes = templates a.template, a.title
node.nodes.push a node.nodes.push a
if a.type.match /^rule$/
console.log "Parse rule AuthnLevel as integer"
if a.level and typeof a.level == 'string'
a.level = parseInt(a.level, 10)
d.resolve 'OK' d.resolve 'OK'
$scope.waiting = false $scope.waiting = false
, (response) -> , (response) ->
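Review bot: `console.log "Parse rule AuthnLevel as integer"` runs for every node of type `rule` while the tree is loaded and reads like leftover debugging; drop it, or log only when a conversion actually happens. `parseInt(a.level, 10)` returns `NaN` for a non-numeric string, and that value would then be bound to the number input; keep the original value in that case, e.g. `n = parseInt(a.level, 10)` then `a.level = n unless isNaN(n)`. The enclosing callback starts outside this hunk.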


@ -17,6 +17,10 @@
<th><span trspan="rule"></span></th> <th><span trspan="rule"></span></th>
<td><textarea rows="3" id="hashvalueinput" class="form-control" ng-model="currentNode.data"/></td> <td><textarea rows="3" id="hashvalueinput" class="form-control" ng-model="currentNode.data"/></td>
</tr> </tr>
<tr ng-if="currentNode.re!='default'">
<th><span trspan="ruleAuthnLevel"></span></th>
<td><input id="ruleAuthnLevel" type="number" class="form-control" ng-model="currentNode.level"/></td>
</tr>
</table> </table>
</div> </div>
<script type="text/menu"> <script type="text/menu">


@ -7,7 +7,8 @@
<tr> <tr>
<th width="20%" trspan="comments"></th> <th width="20%" trspan="comments"></th>
<th width="30%" trspan="regexps"></th> <th width="30%" trspan="regexps"></th>
<th width="50%" trspan="rules"></th> <th width="40%" trspan="rules"></th>
<th width="7%" trspan="rulesAuthnLevel"></th>
<th /> <th />
</tr> </tr>
</thead> </thead>
@ -28,6 +29,12 @@
<td> <td>
<input class="form-control" ng-model="s.data"/> <input class="form-control" ng-model="s.data"/>
</td> </td>
<td ng-if="s.re!='default'">
<input type="number" class="form-control" ng-model="s.level"/>
</td>
<td ng-if="s.re=='default'">
<input class="form-control" placeholder="defaultLevel" readonly/>
</td>
<td> <td>
<span ng-if="s.re!='default'" class="link text-danger glyphicon glyphicon-minus-sign" ng-click="del(currentNode.nodes,$index)"/> <span ng-if="s.re!='default'" class="link text-danger glyphicon glyphicon-minus-sign" ng-click="del(currentNode.nodes,$index)"/>
<span ng-if="$last" class="link text-success glyphicon glyphicon-plus-sign" ng-click="menuClick({title:'newRule'})"/> <span ng-if="$last" class="link text-success glyphicon glyphicon-plus-sign" ng-click="menuClick({title:'newRule'})"/>


@ -1 +1,2 @@
(function(){var F;F={authParams:function(C,b,y){var n,o,x,e,s;for(s=[],n=0,o=(e=y.nodes).length;n<o;n++)x=e[n],s.push(C.getKey(x));return b.all(s).then(function(){var n,o,e,s,t,a,d,i,r,l,c,f,h,u,g,m,_,p,w,P,v;for(!1,l=[],h=function(n){var o;if("openidconnect"===(o=n.toLowerCase())&&(o="oidc"),l.push(o+"Params"),"ad"===o)return l.push("ldapParams")},n=0,s=(m=y.nodes).length;n<s;n++)h((x=m[n]).data);for(o=0,t=(_=y.nodes_cond).length;o<t;o++){if(P=0,c=(x=_[o])._nodes?x._nodes:x.nodes,"Choice"===y.nodes[0].data&&"choiceParams"===x.id)if(console.log("Choice is selected"),c[1].cnodes)P++;else for(e=0,a=(c=c[1]._nodes?c[1]._nodes:c[1].nodes).length;e<a;e++)for(f=0,d=(p=c[e].data).length;f<d;f++)"string"==typeof(v=p[f])&&h(v);else if("Combination"===y.nodes[0].data&&"combinationParams"===x.id)if(console.log("Combination is selected"),c[1].cnodes)P++;else for(u=0,i=(c=c[1]._nodes?c[1]._nodes:c[1].nodes).length;u<i;u++)h(c[u].data.type);if(P)return C.waiting=!0,void C.download({$modelValue:c[1]}).then(function(){return F.authParams(C,b,y)})}for(g=0,r=(w=y.nodes_cond).length;g<r;g++)x=w[g],-1===l.indexOf(x.id)?x.show=!1:x.show=!0})}},window.filterFunctions=F}).call(this); (function(){var n;n={authParams:function(o,e,s){var t,a,d,i,r;for(r=[],i=s.nodes,t=0,a=i.length;t<a;t++)d=i[t],r.push(o.getKey(d));return e.all(r).then(function(){var t,a,i,r,l,c,f,h,u,g,m,_,p,w,P,v,C,b,y,x,F,K,L;for(t=!1,_=[],P=function(n){var o;if(o=n.toLowerCase(),"openidconnect"===o&&(o="oidc"),_.push(o+"Params"),"ad"===o)return _.push("ldapParams")},b=s.nodes,a=0,l=b.length;a<l;a++)d=b[a],P(d.data);for(y=s.nodes_cond,i=0,c=y.length;i<c;i++){if(d=y[i],K=0,p=d._nodes?d._nodes:d.nodes,"Choice"===s.nodes[0].data&&"choiceParams"===d.id)if(console.log("Choice is selected"),p[1].cnodes)K++;else for(p=p[1]._nodes?p[1]._nodes:p[1].nodes,r=0,f=p.length;r<f;r++)for(m=p[r],x=m.data,w=0,h=x.length;w<h;w++)"string"==typeof(L=x[w])&&P(L);else 
if("Combination"===s.nodes[0].data&&"combinationParams"===d.id)if(console.log("Combination is selected"),p[1].cnodes)K++;else for(p=p[1]._nodes?p[1]._nodes:p[1].nodes,v=0,u=p.length;v<u;v++)m=p[v],P(m.data.type);if(K)return o.waiting=!0,void o.download({$modelValue:p[1]}).then(function(){return n.authParams(o,e,s)})}for(F=s.nodes_cond,C=0,g=F.length;C<g;C++)d=F[C],t||-1!==_.indexOf(d.id)?d.show=!0:d.show=!1})}},window.filterFunctions=n}).call(this);
//# sourceMappingURL=lemonldap-ng-manager/site/htdocs/static/js/filterFunctions.min.js.map


@ -1 +1 @@
{"version":3,"sources":["lemonldap-ng-manager/site/htdocs/static/js/filterFunctions.js"],"names":["filterFunctions","authParams","scope","$q","node","i","len","n","ref","wait","nodes","length","push","getKey","all","then","j","k","l","len1","len2","len3","len4","len5","len6","nToShow","nd","o","p","q","r","ref1","ref2","ref3","ref4","restart","s","tmp","toLowerCase","data","nodes_cond","_nodes","id","console","log","cnodes","type","waiting","download","$modelValue","indexOf","show","window","call","this"],"mappings":"CACA,WACE,IAAIA,EAEJA,EAAkB,CAChBC,WAAY,SAASC,EAAOC,EAAIC,GAC9B,IAAIC,EAAGC,EAAKC,EAAGC,EAAKC,EAGpB,IAFAA,EAAO,GAEFJ,EAAI,EAAGC,GADZE,EAAMJ,EAAKM,OACWC,OAAQN,EAAIC,EAAKD,IACrCE,EAAIC,EAAIH,GACRI,EAAKG,KAAKV,EAAMW,OAAON,IAEzB,OAAOJ,EAAGW,IAAIL,GAAMM,KAAK,WACvB,IAASC,EAAGC,EAAGC,EAAGC,EAAMC,EAAMC,EAAMC,EAAMC,EAAMC,EAASC,EAASC,EAAIC,EAAGC,EAAGC,EAAGC,EAAGC,EAAMC,EAAMC,EAAMC,EAAMC,EAASC,EAenH,KAdM,EACNX,EAAU,GACVG,EAAI,SAASQ,GACX,IAAIC,EAMJ,GAJY,mBADZA,EAAMD,EAAEE,iBAEND,EAAM,QAERZ,EAAQb,KAAKyB,EAAM,UACP,OAARA,EACF,OAAOZ,EAAQb,KAAK,eAInBI,EAAI,EAAGG,GADZY,EAAO3B,EAAKM,OACYC,OAAQK,EAAIG,EAAMH,IAExCY,GADArB,EAAIwB,EAAKf,IACLuB,MAGN,IAAKtB,EAAI,EAAGG,GADZY,EAAO5B,EAAKoC,YACY7B,OAAQM,EAAIG,EAAMH,IAAK,CAI7C,GAFAkB,EAAU,EACVT,GAFAnB,EAAIyB,EAAKf,IAEFwB,OAASlC,EAAEkC,OAASlC,EAAEG,MACF,WAAvBN,EAAKM,MAAM,GAAG6B,MAA8B,iBAAThC,EAAEmC,GAEvC,GADAC,QAAQC,IAAI,sBACRlB,EAAG,GAAGmB,OACRV,SAGA,IAAKjB,EAAI,EAAGG,GADZK,EAAKA,EAAG,GAAGe,OAASf,EAAG,GAAGe,OAASf,EAAG,GAAGhB,OACnBC,OAAQO,EAAIG,EAAMH,IAGtC,IAAKS,EAAI,EAAGL,GADZW,EADIP,EAAGR,GACEqB,MACe5B,OAAQgB,EAAIL,EAAMK,IAEvB,iBADjBS,EAAIH,EAAKN,KAEPC,EAAEQ,QAKL,GAA2B,gBAAvBhC,EAAKM,MAAM,GAAG6B,MAAmC,sBAAThC,EAAEmC,GAEnD,GADAC,QAAQC,IAAI,2BACRlB,EAAG,GAAGmB,OACRV,SAGA,IAAKN,EAAI,EAAGN,GADZG,EAAKA,EAAG,GAAGe,OAASf,EAAG,GAAGe,OAASf,EAAG,GAAGhB,OACnBC,OAAQkB,EAAIN,EAAMM,IAEtCD,EADIF,EAAGG,GACHU,KAAKO,MAIf,GAAIX,EAOF,OANAjC,EAAM6C,SAAU,OAChB7C,EAAM8C,SAAS,CACbC,YAAevB,EAAG,KACjBX,KAAK,WACN,OAAOf,EAAgBC,WAAWC,EAAOC,EAAIC,KAMnD,IAAK0B,
EAAI,EAAGN,GADZU,EAAO9B,EAAKoC,YACY7B,OAAQmB,EAAIN,EAAMM,IACxCvB,EAAI2B,EAAKJ,IAC8B,IAA3BL,EAAQyB,QAAQ3C,EAAEmC,IAC5BnC,EAAE4C,MAAO,EAET5C,EAAE4C,MAAO,MAOnBC,OAAOpD,gBAAkBA,IAExBqD,KAAKC"} {"version":3,"sources":["lemonldap-ng-manager/site/htdocs/static/js/filterFunctions.js"],"names":["filterFunctions","authParams","scope","$q","node","i","len","n","ref","wait","nodes","length","push","getKey","all","then","j","k","l","len1","len2","len3","len4","len5","len6","m","nToShow","nd","o","p","q","r","ref1","ref2","ref3","ref4","restart","s","tmp","toLowerCase","data","nodes_cond","_nodes","id","console","log","cnodes","type","waiting","download","$modelValue","indexOf","show","window","call","this"],"mappings":"CACA,WACE,GAAIA,EAEJA,IACEC,WAAY,SAASC,EAAOC,EAAIC,GAC9B,GAAIC,GAAGC,EAAKC,EAAGC,EAAKC,CAGpB,KAFAA,KACAD,EAAMJ,EAAKM,MACNL,EAAI,EAAGC,EAAME,EAAIG,OAAQN,EAAIC,EAAKD,IACrCE,EAAIC,EAAIH,GACRI,EAAKG,KAAKV,EAAMW,OAAON,GAEzB,OAAOJ,GAAGW,IAAIL,GAAMM,KAAK,WACvB,GAAID,GAAKE,EAAGC,EAAGC,EAAGC,EAAMC,EAAMC,EAAMC,EAAMC,EAAMC,EAAMC,EAAGC,EAASC,EAAIC,EAAGC,EAAGC,EAAGC,EAAGC,EAAMC,EAAMC,EAAMC,EAAMC,EAASC,CAenH,KAdAvB,GAAM,EACNY,KACAG,EAAI,SAASQ,GACX,GAAIC,EAMJ,IALAA,EAAMD,EAAEE,cACI,kBAARD,IACFA,EAAM,QAERZ,EAAQd,KAAK0B,EAAM,UACP,OAARA,EACF,MAAOZ,GAAQd,KAAK,eAGxBoB,EAAO5B,EAAKM,MACPM,EAAI,EAAGG,EAAOa,EAAKrB,OAAQK,EAAIG,EAAMH,IACxCT,EAAIyB,EAAKhB,GACTa,EAAEtB,EAAEiC,KAGN,KADAP,EAAO7B,EAAKqC,WACPxB,EAAI,EAAGG,EAAOa,EAAKtB,OAAQM,EAAIG,EAAMH,IAAK,CAI7C,GAHAV,EAAI0B,EAAKhB,GACTmB,EAAU,EACVT,EAAKpB,EAAEmC,OAASnC,EAAEmC,OAASnC,EAAEG,MACF,WAAvBN,EAAKM,MAAM,GAAG8B,MAA8B,iBAATjC,EAAEoC,GAEvC,GADAC,QAAQC,IAAI,sBACRlB,EAAG,GAAGmB,OACRV,QAGA,KADAT,EAAKA,EAAG,GAAGe,OAASf,EAAG,GAAGe,OAASf,EAAG,GAAGjB,MACpCQ,EAAI,EAAGG,EAAOM,EAAGhB,OAAQO,EAAIG,EAAMH,IAGtC,IAFAO,EAAIE,EAAGT,GACPgB,EAAOT,EAAEe,KACJZ,EAAI,EAAGN,EAAOY,EAAKvB,OAAQiB,EAAIN,EAAMM,IAEvB,iBADjBS,EAAIH,EAAKN,KAEPC,EAAEQ,OAKL,IAA2B,gBAAvBjC,EAAKM,MAAM,GAAG8B,MAAmC,sBAATjC,EAAEoC,GAEnD,GADAC,QAAQC,IAAI,2BACRlB,EAAG,GAAGmB,OACRV,QAGA,KADAT,EA
AKA,EAAG,GAAGe,OAASf,EAAG,GAAGe,OAASf,EAAG,GAAGjB,MACpCoB,EAAI,EAAGP,EAAOI,EAAGhB,OAAQmB,EAAIP,EAAMO,IACtCL,EAAIE,EAAGG,GACPD,EAAEJ,EAAEe,KAAKO,KAIf,IAAIX,EAOF,MANAlC,GAAM8C,SAAU,MAChB9C,GAAM+C,UACJC,YAAevB,EAAG,KACjBZ,KAAK,WACN,MAAOf,GAAgBC,WAAWC,EAAOC,EAAIC,KAMnD,IADA+B,EAAO/B,EAAKqC,WACPV,EAAI,EAAGP,EAAOW,EAAKxB,OAAQoB,EAAIP,EAAMO,IACxCxB,EAAI4B,EAAKJ,GACJjB,IAAkC,IAA3BY,EAAQyB,QAAQ5C,EAAEoC,IAG5BpC,EAAE6C,MAAO,EAFT7C,EAAE6C,MAAO,MASnBC,OAAOrD,gBAAkBA,IAExBsD,KAAKC","file":"lemonldap-ng-manager/site/htdocs/static/js/filterFunctions.min.js"}


@ -739,6 +739,12 @@ This file contains:
a._nodes = templates(a.template, a.title); a._nodes = templates(a.template, a.title);
} }
node.nodes.push(a); node.nodes.push(a);
if (a.type.match(/^rule$/)) {
console.log("Parse rule AuthnLevel as integer");
if (a.level && typeof a.level === 'string') {
a.level = parseInt(a.level, 10);
}
}
} }
d.resolve('OK'); d.resolve('OK');
} }

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@ -752,7 +752,9 @@
"returnUrl":"إرجاع اليو آر إل", "returnUrl":"إرجاع اليو آر إل",
"rp":"Relying Party", "rp":"Relying Party",
"rule":"القاعدة", "rule":"القاعدة",
"ruleAuthnLevel":"Required authentication level",
"rules":"القواعد", "rules":"القواعد",
"rulesAuthnLevel":"Required authentication levels",
"Same":"نفسه", "Same":"نفسه",
"save":"حفظ", "save":"حفظ",
"saveReport":"احفظ التقرير", "saveReport":"احفظ التقرير",


@ -414,7 +414,7 @@
"loadFromUrl":"Load from URL", "loadFromUrl":"Load from URL",
"localSessionStorage":"Cache module", "localSessionStorage":"Cache module",
"localSessionStorageOptions":"Cache module options", "localSessionStorageOptions":"Cache module options",
"locationRules":"Access rule", "locationRules":"Access rules",
"loginHistory":"Login history", "loginHistory":"Login history",
"loginHistoryEnabled":"Activation", "loginHistoryEnabled":"Activation",
"logo":"Logo", "logo":"Logo",
@ -752,7 +752,9 @@
"returnUrl":"Return URL", "returnUrl":"Return URL",
"rp":"Relying Party", "rp":"Relying Party",
"rule":"Rule", "rule":"Rule",
"ruleAuthnLevel":"Required authentication level",
"rules":"Regeln", "rules":"Regeln",
"rulesAuthnLevel":"Required authentication levels",
"Same":"Same", "Same":"Same",
"save":"Save", "save":"Save",
"saveReport":"Save report", "saveReport":"Save report",


@ -414,7 +414,7 @@
"loadFromUrl":"Load from URL", "loadFromUrl":"Load from URL",
"localSessionStorage":"Cache module", "localSessionStorage":"Cache module",
"localSessionStorageOptions":"Cache module options", "localSessionStorageOptions":"Cache module options",
"locationRules":"Access rule", "locationRules":"Access rules",
"loginHistory":"Login history", "loginHistory":"Login history",
"loginHistoryEnabled":"Activation", "loginHistoryEnabled":"Activation",
"logo":"Logo", "logo":"Logo",
@ -752,7 +752,9 @@
"returnUrl":"Return URL", "returnUrl":"Return URL",
"rp":"Relying Party", "rp":"Relying Party",
"rule":"Rule", "rule":"Rule",
"ruleAuthnLevel":"Required authentication level",
"rules":"Rules", "rules":"Rules",
"rulesAuthnLevel":"Required authentication levels",
"Same":"Same", "Same":"Same",
"save":"Save", "save":"Save",
"saveReport":"Save report", "saveReport":"Save report",


@ -752,7 +752,9 @@
"returnUrl":"URL de retour", "returnUrl":"URL de retour",
"rp":"Client", "rp":"Client",
"rule":"Règle", "rule":"Règle",
"ruleAuthnLevel":"Niveau d'authentication requis",
"rules":"Règles", "rules":"Règles",
"rulesAuthnLevel":"Niveaux d'authentification requis",
"Same":"Identique", "Same":"Identique",
"save":"Sauver", "save":"Sauver",
"saveReport":"Rapport de sauvegarde", "saveReport":"Rapport de sauvegarde",


@ -752,7 +752,9 @@
"returnUrl":"URL di ritorno", "returnUrl":"URL di ritorno",
"rp":"Parte facente affidamento", "rp":"Parte facente affidamento",
"rule":"Regola", "rule":"Regola",
"ruleAuthnLevel":"Required authentication level",
"rules":"Regole", "rules":"Regole",
"rulesAuthnLevel":"Required authentication levels",
"Same":"Stesso", "Same":"Stesso",
"save":"Salva", "save":"Salva",
"saveReport":"Salva report", "saveReport":"Salva report",


@ -752,7 +752,9 @@
"returnUrl":"Trả lại URL", "returnUrl":"Trả lại URL",
"rp":"Relying Party", "rp":"Relying Party",
"rule":"Quy tắc", "rule":"Quy tắc",
"ruleAuthnLevel":"Required authentication level",
"rules":"Quy tắc", "rules":"Quy tắc",
"rulesAuthnLevel":"Required authentication levels",
"Same":"Tương tự", "Same":"Tương tự",
"save":"Lưu", "save":"Lưu",
"saveReport":"Lưu báo cáo", "saveReport":"Lưu báo cáo",


@ -414,7 +414,7 @@
"loadFromUrl":"Load from URL", "loadFromUrl":"Load from URL",
"localSessionStorage":"Cache module", "localSessionStorage":"Cache module",
"localSessionStorageOptions":"Cache module options", "localSessionStorageOptions":"Cache module options",
"locationRules":"Access rule", "locationRules":"Access rules",
"loginHistory":"登陆记录", "loginHistory":"登陆记录",
"loginHistoryEnabled":"激活", "loginHistoryEnabled":"激活",
"logo":"Logo", "logo":"Logo",
@ -752,7 +752,9 @@
"returnUrl":"Return URL", "returnUrl":"Return URL",
"rp":"Relying Party", "rp":"Relying Party",
"rule":"Rule", "rule":"Rule",
"ruleAuthnLevel":"Required authentication level",
"rules":"Rules", "rules":"Rules",
"rulesAuthnLevel":"Required authentication levels",
"Same":"Same", "Same":"Same",
"save":"Save", "save":"Save",
"saveReport":"Save report", "saveReport":"Save report",

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@ -1 +1,2 @@
(function(){var r,e,n,t,o;n=function(e,r){return $("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+r),"positive"===r&&(r="success"),$("#color").addClass("alert-"+r)},r=function(e,r,t){var o;if(console.log("Error",t),(o=JSON.parse(e.responseText))&&o.error)return o=o.error.replace(/.* /,""),console.log("Returned error",o),n(o,"warning")},t="",e=function(e){return n("yourTotpKey","warning"),$.ajax({type:"POST",url:portal+"/2fregisters/totp/getkey",dataType:"json",data:{newkey:e},error:r,success:function(e){var r;return e.error?(e.error.match(/totpExistingKey/)&&$("#divToHide").hide(),n(e.error,"warning")):e.portal&&e.user&&e.secret?($("#divToHide").show(),r="otpauth://totp/"+escape(e.portal)+":"+escape(e.user)+"?secret="+e.secret+"&issuer="+escape(e.portal),6!==e.digits&&(r+="&digits="+e.digits),30!==e.interval&&(r+="&period="+e.interval),new QRious({element:document.getElementById("qr"),value:r,size:150}),$("#serialized").text(r),e.newkey?n("yourNewTotpKey","warning"):n("yourTotpKey","success"),t=e.token):n("PE24","danger")}})},o=function(){var e;return(e=$("#code").val())?$.ajax({type:"POST",url:portal+"/2fregisters/totp/verify",dataType:"json",data:{token:t,code:e,TOTPName:$("#TOTPName").val()},error:r,success:function(e){return e.error?e.error.match(/bad(Code|Name)/)?n(e.error,"warning"):n(e.error,"danger"):n("yourKeyIsRegistered","success")}}):n("fillTheForm","warning")},$(document).ready(function(){return e(0),$("#changekey").on("click",function(){return e(1)}),$("#verify").on("click",function(){return o()})})}).call(this); (function(){var e,r,t,o,n;t=function(e,r){return $("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning 
alert-danger"),$("#color").addClass("message-"+r),"positive"===r&&(r="success"),$("#color").addClass("alert-"+r)},e=function(e,r,o){var n;if(console.log("Error",o),(n=JSON.parse(e.responseText))&&n.error)return n=n.error.replace(/.* /,""),console.log("Returned error",n),t(n,"warning")},o="",r=function(r){return t("yourTotpKey","warning"),$.ajax({type:"POST",url:portal+"/2fregisters/totp/getkey",dataType:"json",data:{newkey:r},error:e,success:function(e){var r;return e.error?(e.error.match(/totpExistingKey/)&&$("#divToHide").hide(),t(e.error,"warning")):e.portal&&e.user&&e.secret?($("#divToHide").show(),r="otpauth://totp/"+escape(e.portal)+":"+escape(e.user)+"?secret="+e.secret+"&issuer="+escape(e.portal),6!==e.digits&&(r+="&digits="+e.digits),30!==e.interval&&(r+="&period="+e.interval),new QRious({element:document.getElementById("qr"),value:r,size:150}),$("#serialized").text(r),e.newkey?t("yourNewTotpKey","warning"):t("yourTotpKey","success"),o=e.token):t("PE24","danger")}})},n=function(){var r;return r=$("#code").val(),r?$.ajax({type:"POST",url:portal+"/2fregisters/totp/verify",dataType:"json",data:{token:o,code:r,TOTPName:$("#TOTPName").val()},error:e,success:function(e){return e.error?e.error.match(/bad(Code|Name)/)?t(e.error,"warning"):t(e.error,"danger"):t("yourKeyIsRegistered","success")}}):t("fillTheForm","warning")},$(document).ready(function(){return r(0),$("#changekey").on("click",function(){return r(1)}),$("#verify").on("click",function(){return n()})})}).call(this);
//# sourceMappingURL=lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js.map


@ -1 +1 @@
{"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.js"],"names":["displayError","getKey","setMsg","token","verify","msg","level","$","html","window","translate","removeClass","addClass","j","status","err","res","console","log","JSON","parse","responseText","error","replace","reset","ajax","type","url","portal","dataType","data","newkey","success","s","match","hide","user","secret","show","escape","digits","interval","QRious","element","document","getElementById","value","size","text","val","code","TOTPName","ready","on","call","this"],"mappings":"CAMA,WACE,IAAIA,EAAcC,EAAQC,EAAQC,EAAOC,EAEzCF,EAAS,SAASG,EAAKC,GAOrB,OANAC,EAAE,QAAQC,KAAKC,OAAOC,UAAUL,IAChCE,EAAE,UAAUI,YAAY,4FACxBJ,EAAE,UAAUK,SAAS,WAAaN,GACpB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,UAAUK,SAAS,SAAWN,IAGzCN,EAAe,SAASa,EAAGC,EAAQC,GACjC,IAAIC,EAGJ,GAFAC,QAAQC,IAAI,QAASH,IACrBC,EAAMG,KAAKC,MAAMP,EAAEQ,gBACRL,EAAIM,MAGb,OAFAN,EAAMA,EAAIM,MAAMC,QAAQ,MAAO,IAC/BN,QAAQC,IAAI,iBAAkBF,GACvBd,EAAOc,EAAK,YAIvBb,EAAQ,GAERF,EAAS,SAASuB,GAEhB,OADAtB,EAAO,cAAe,WACfK,EAAEkB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,KAAM,CACJC,OAAQP,GAEVF,MAAOtB,EACPgC,QAAS,SAASF,GAChB,IAAQG,EACR,OAAIH,EAAKR,OACHQ,EAAKR,MAAMY,MAAM,oBACnB3B,EAAE,cAAc4B,OAEXjC,EAAO4B,EAAKR,MAAO,YAEtBQ,EAAKF,QAAUE,EAAKM,MAAQN,EAAKO,QAGvC9B,EAAE,cAAc+B,OAChBL,EAAI,kBAAqBM,OAAOT,EAAKF,QAAW,IAAOW,OAAOT,EAAKM,MAAS,WAAaN,EAAKO,OAAS,WAAcE,OAAOT,EAAKF,QAC7G,IAAhBE,EAAKU,SACPP,GAAK,WAAaH,EAAKU,QAEH,KAAlBV,EAAKW,WACPR,GAAK,WAAaH,EAAKW,UAEpB,IAAIC,OAAO,CACdC,QAASC,SAASC,eAAe,MACjCC,MAAOb,EACPc,KAAM,MAERxC,EAAE,eAAeyC,KAAKf,GAClBH,EAAKC,OACP7B,EAAO,iBAAkB,WAEzBA,EAAO,cAAe,WAEjBC,EAAQ2B,EAAK3B,OArBXD,EAAO,OAAQ,cA0B9BE,EAAS,WACP,IAAI6C,EAEJ,OADAA,EAAM1C,EAAE,SAAS0C,OAIR1C,EAAEkB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,KAAM,CACJ3B,MAAOA,EACP+C,KAAMD,EACNE,SAAU5C,EAAE,aAAa0C,OAE3B3B,MAAOtB,EACPgC,QAAS,SAASF,GAChB,OAAIA,EAAKR,MACHQ,EAAKR,MAAMY,MAAM,kBACZhC,EAAO4B,EAAKR,MAAO,WAEnBpB,EAAO4B,EAAKR,MAAO,UAGrBpB,EAAO,sBAAuB,cApBp
CA,EAAO,cAAe,YA2BjCK,EAAEqC,UAAUQ,MAAM,WAKhB,OAJAnD,EAAO,GACPM,EAAE,cAAc8C,GAAG,QAAS,WAC1B,OAAOpD,EAAO,KAETM,EAAE,WAAW8C,GAAG,QAAS,WAC9B,OAAOjD,UAIVkD,KAAKC"} {"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.js"],"names":["displayError","getKey","setMsg","token","verify","msg","level","$","html","window","translate","removeClass","addClass","j","status","err","res","console","log","JSON","parse","responseText","error","replace","reset","ajax","type","url","portal","dataType","data","newkey","success","s","match","hide","user","secret","show","escape","digits","interval","QRious","element","document","getElementById","value","size","text","val","code","TOTPName","ready","on","call","this"],"mappings":"CAMA,WACE,GAAIA,GAAcC,EAAQC,EAAQC,EAAOC,CAEzCF,GAAS,SAASG,EAAKC,GAOrB,MANAC,GAAE,QAAQC,KAAKC,OAAOC,UAAUL,IAChCE,EAAE,UAAUI,YAAY,4FACxBJ,EAAE,UAAUK,SAAS,WAAaN,GACpB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,UAAUK,SAAS,SAAWN,IAGzCN,EAAe,SAASa,EAAGC,EAAQC,GACjC,GAAIC,EAGJ,IAFAC,QAAQC,IAAI,QAASH,IACrBC,EAAMG,KAAKC,MAAMP,EAAEQ,gBACRL,EAAIM,MAGb,MAFAN,GAAMA,EAAIM,MAAMC,QAAQ,MAAO,IAC/BN,QAAQC,IAAI,iBAAkBF,GACvBd,EAAOc,EAAK,YAIvBb,EAAQ,GAERF,EAAS,SAASuB,GAEhB,MADAtB,GAAO,cAAe,WACfK,EAAEkB,MACPC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,MACEC,OAAQP,GAEVF,MAAOtB,EACPgC,QAAS,SAASF,GAChB,GAAQG,EACR,OAAIH,GAAKR,OACHQ,EAAKR,MAAMY,MAAM,oBACnB3B,EAAE,cAAc4B,OAEXjC,EAAO4B,EAAKR,MAAO,YAEtBQ,EAAKF,QAAUE,EAAKM,MAAQN,EAAKO,QAGvC9B,EAAE,cAAc+B,OAChBL,EAAI,kBAAqBM,OAAOT,EAAKF,QAAW,IAAOW,OAAOT,EAAKM,MAAS,WAAaN,EAAKO,OAAS,WAAcE,OAAOT,EAAKF,QAC7G,IAAhBE,EAAKU,SACPP,GAAK,WAAaH,EAAKU,QAEH,KAAlBV,EAAKW,WACPR,GAAK,WAAaH,EAAKW,UAEpB,GAAIC,SACPC,QAASC,SAASC,eAAe,MACjCC,MAAOb,EACPc,KAAM,MAERxC,EAAE,eAAeyC,KAAKf,GAClBH,EAAKC,OACP7B,EAAO,iBAAkB,WAEzBA,EAAO,cAAe,WAEjBC,EAAQ2B,EAAK3B,OArBXD,EAAO,OAAQ,cA0B9BE,EAAS,WACP,GAAI6C,EAEJ,OADAA,GAAM1C,EAAE,SAAS0C,MACZA,EAGI1C,EAAEkB,MACPC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,MACE3B,MAAOA,EACP+C,KAAMD,EACNE,SAAU5C,EAAE,aAAa0C,OAE3B3B,MAA
OtB,EACPgC,QAAS,SAASF,GAChB,MAAIA,GAAKR,MACHQ,EAAKR,MAAMY,MAAM,kBACZhC,EAAO4B,EAAKR,MAAO,WAEnBpB,EAAO4B,EAAKR,MAAO,UAGrBpB,EAAO,sBAAuB,cApBpCA,EAAO,cAAe,YA2BjCK,EAAEqC,UAAUQ,MAAM,WAKhB,MAJAnD,GAAO,GACPM,EAAE,cAAc8C,GAAG,QAAS,WAC1B,MAAOpD,GAAO,KAETM,EAAE,WAAW8C,GAAG,QAAS,WAC9B,MAAOjD,WAIVkD,KAAKC","file":"lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js"}


@ -9,6 +9,7 @@ require 't/smtp.pm';
use_ok('Lemonldap::NG::Common::FormEncode'); use_ok('Lemonldap::NG::Common::FormEncode');
count(1); count(1);
my $res;
my $client = LLNG::Manager::Test->new( { my $client = LLNG::Manager::Test->new( {
ini => { ini => {
logLevel => 'error', logLevel => 'error',
@ -26,6 +27,13 @@ my $client = LLNG::Manager::Test->new( {
'vhostAuthnLevel' => 3 'vhostAuthnLevel' => 3
}, },
}, },
"locationRules" => {
"test1.example.com" => {
'default' => 'accept',
'^/AuthWeak(?#AuthnLevel=2)' => 'deny',
'^/AuthStrong(?#AuthnLevel=5)' => 'deny',
},
},
} }
} }
); );
@ -33,7 +41,7 @@ my $client = LLNG::Manager::Test->new( {
# Try to authenticate # Try to authenticate
# ------------------- # -------------------
ok( ok(
my $res = $client->_post( $res = $client->_post(
'/', '/',
IO::String->new('user=dwho&password=dwho&lmAuth=weak'), IO::String->new('user=dwho&password=dwho&lmAuth=weak'),
length => 35, length => 35,
@ -42,15 +50,40 @@ ok(
'Auth query' 'Auth query'
); );
count(1); count(1);
my $id = expectCookie($res); my $id = expectCookie($res);
# Portal IS NOT a handler
#########################
ok(
$res = $client->_get(
'/AuthWeak',
accept => 'text/html',
cookie => "lemonldap=$id",
host => 'test1.example.com',
),
'GET http://test1.example.com/AuthWeak'
);
expectOK($res);
count(1);
ok(
$res = $client->_get(
'/AuthStrong',
accept => 'text/html',
cookie => "lemonldap=$id",
host => 'test1.example.com',
),
'GET http://test1.example.com/AuthStrong'
);
count(1);
# After attempting to access test1, # After attempting to access test1,
# the handler sends up back to /upgradesession # the handler sends up back to /upgradesession
# -------------------------------------------- # --------------------------------------------
ok( ok(
my $res = $client->_get( $res = $client->_get(
'/upgradesession', '/upgradesession',
query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t', query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t',
accept => 'text/html', accept => 'text/html',
@ -67,7 +100,7 @@ my ( $host, $url, $query ) =
# ---------------------- # ----------------------
ok( ok(
my $res = $client->_post( $res = $client->_post(
'/upgradesession', '/upgradesession',
IO::String->new($query), IO::String->new($query),
length => length($query), length => length($query),
@ -79,8 +112,7 @@ ok(
count(1); count(1);
my $pdata = expectCookie( $res, 'lemonldappdata' ); my $pdata = expectCookie( $res, 'lemonldappdata' );
( $host, $url, $query ) = expectForm( $res, '#', undef, 'upgrading', 'url' );
my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'upgrading', 'url' );
$query = $query . "&lmAuth=strong"; $query = $query . "&lmAuth=strong";
@ -89,7 +121,7 @@ $query = $query . "&lmAuth=strong";
# ------------------------------------------- # -------------------------------------------
ok( ok(
my $res = $client->_post( $res = $client->_post(
'/upgradesession', '/upgradesession',
IO::String->new($query), IO::String->new($query),
length => length($query), length => length($query),
@ -110,7 +142,7 @@ expectRedirection( $res, 'http://test1.example.com' );
# Make pdata was cleared and we aren't being redirected # Make pdata was cleared and we aren't being redirected
ok( ok(
my $res = $client->_get( $res = $client->_get(
'/', '/',
accept => 'text/html', accept => 'text/html',
cookie => "lemonldap=$id;lemonldappdata=$pdata", cookie => "lemonldap=$id;lemonldappdata=$pdata",
@ -118,7 +150,6 @@ ok(
'Post login' 'Post login'
); );
count(1); count(1);
expectOK($res); expectOK($res);
clean_sessions(); clean_sessions();
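Review bot: The GET for `/AuthStrong` is followed only by `count(1);`, so nothing is asserted about the response, and the test passes whatever the portal returns for a URI tagged `(?#AuthnLevel=5)` while the session was opened with `lmAuth=weak`. The `/AuthWeak` request is checked with `expectOK($res);`; if the same outcome is intended here (the added comment says the portal is not a handler), add `expectOK($res);` after the second `ok(...)`, otherwise assert the expected refusal or upgrade redirect explicitly. Both rules are `deny`, so as written these two requests appear to show only that the portal does not apply `locationRules`. Enforcement of the per-URI level would need a handler-side test, which is not visible in this section.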